First off, how can libvirt access /var/lib/libvirt/images when root is the owner and group? Is there another of security letting libvirt access root files in only some directories?

The new pool in on an external drive, same permissions as the default images folder. Via virt-manager I can create images, but it tells me it does not have search permissions. I cannot access the image after creating it.

EDIT: Ok, i figured in out. When mounting the disk from the desktop, it adds the following mount options: (rw,nosuid,nodev,relatime,uhelper=udisks2)

I am guessing its the nosuid tag. When mounting with "defaults" in fstab, it mounts with (rw,relatime) and it works fine.

This question came from our site for system and network administrators.

You do know you can change the user:group of files and directories, don't you?
– TomDec 13 '18 at 11:01

Yes Tom. You are missing the point. By default the image folder is owned by root, and libvirt can access it with a problem. How is that possible? and how is it that my new folder with the same permissions don't work?
– m-momrDec 13 '18 at 12:45

Ah... that’s because of SELinux.
– TomDec 13 '18 at 12:55

Does SELinux run on Ubuntu by default? I thought SELinux was for Fedora/Red hat distros, and Apparmor was for Debian/Ubuntu.
– m-momrDec 13 '18 at 13:07